Authorization Using the Publish-Subscribe Model
Traditional authorization mechanisms based on the request-response model are generally supported by point-to-point communication between applications and authorization servers. As distributed...
View ArticleSupport for ANSI RBAC in EJB
We analyze access control mechanisms of the Enterprise Java Beans (EJB)architecture and define a configuration of the EJB protection system in a more precise and less ambiguous language than the EJB...
View ArticleSecure Web 2.0 Content Sharing Beyond Walled Gardens
Web 2.0 users need usable mechanisms for sharing their content with each other in a controlled manner across boundaries of content-hosting or application-service providers (CSPs). In this paper, we...
View ArticleTowards Investigating User Account Control Practices in Windows Vista
This poster presents the research plan for investigating user account control practices in Windows Vista. The research will explore end users' behaviours in using user account types acrossWindows Vista...
View ArticleTowards Improving the Availability and Performance of Enterprise...
Authorization protects application resources by allowing only authorized entities to access them. Existing authorization solutions are widely based on the request-response model, where a policy...
View ArticleA Case Study of Enterprise Identity Management System Adoption in an...
This case study describes the adoption of an enterprise identity management(IdM) system in an insurance organization. We describe the state of the organization before deploying the IdM system, and...
View ArticleTowards Developing Usability Heuristics for Evaluation of IT Security...
Evaluating the usability of specific information technology (IT) security tools is challenging. For example, laboratory experiments can have little validity due to the complexity of real-world security...
View ArticlePreparation, detection, and analysis: the diagnostic work of IT security...
Purpose — The purpose of this study is to examine security incident response practices of IT security practitioners as a diagnostic work process, including the preparation phase, detection, and...
View ArticleSecurity Research Advances in 2009
This presentation reviews latest scientific conference reports on the cutting edge research in computer security. It presents and explains 2009 highlights from such top world annual research...
View ArticleAuthorization Recycling in Hierarchical RBAC Systems
As distributed applications increase in size and complexity, traditional authorization architectures based on a dedicated authorization server become increasingly fragile because this decision point...
View ArticleAn RT-based Policy Model for Converged Networks
Technologies advanced in communication devices and wireless networks enable telecommunication network operators to provide rich personalized multimedia services. To attract potential customers and...
View ArticlePoster: OpenIDemail Enabled Browser
Today's Web is site-centric. Web users have to maintain a separate copy of user ID and password for each website, which leads to weaker passwords and password re-use across accounts. Currently,...
View ArticleInvestigating an Appropriate Design for Personal Firewalls
Personal firewalls are an important aspect of security for home computer users, but little attention has been given to their usability. We conducted semi-structured interviews to understand...
View ArticleInvestigating User Account Control Practices
Non-administrator user accounts and the user account control (UAC) approach of Windows Vista are two practical solutions to limit the damage of malware infection. UAC in Windows Vista supports usage of...
View ArticleSIMD-Scan: Ultra Fast in-Memory Table Scan Using on-Chip Vector Processing Units
The availability of huge system memory, even on standard servers, generated a lot of interest in main memory database engines. In data warehouse systems, highly compressed column-oriented data...
View ArticleOpen problems in Web 2.0 user content sharing
Users need useful mechanisms for sharing their Web 2.0 content with each other in a controlled manner across boundaries of content-hosting and service providers (CSPs). In this paper, we discuss open...
View ArticleAnalysis of ANSI RBAC Support in COM+
We analyze access control mechanisms of the COM+ architecture and define a configuration of the COM+ protection system in more precise and less ambiguous language than the COM+ documentation. Using...
View ArticleDo Windows Users Follow the Principle of Least Privilege? Investigating User...
The principle of least privilege requires that users and their programs be granted the most restrictive set of privileges possible to perform required tasks in order to limit the damages caused by...
View Article"I did it because I trusted you": Challenges with the Study Environment...
We recently replicated and extended a 2009 study that investigated the effectiveness of SSL warnings. Our experimental design aimed to mitigate some of the limitations of that prior study, including...
View ArticlePoster: Validating and Extending a Study on the Effectiveness of SSL Warnings
We recently replicated and extended a 2009 study that investigated the effectiveness of SSL warnings. The original study was conducted at CMU by Sunshine et al. [2], and we will refer to it as the CMU...
View Article
